diff options
author | Simon Josefsson <simon@josefsson.org> | 2008-11-07 11:46:25 +0100 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2008-11-07 11:46:25 +0100 |
commit | 096dabda549302d668d7fe9a55204a27a81b9d25 (patch) | |
tree | 552a59d180847e39aa58def38bb59c57dd9bdd48 | |
parent | 25299b279e8dfb03758394c771c600ea50b5a99d (diff) | |
download | gnutls-096dabda549302d668d7fe9a55204a27a81b9d25.tar.gz |
Fix, suggested by Martin.
-rw-r--r-- | NEWS | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -7,9 +7,9 @@ See the end for copying conditions. ** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3] The flaw makes it possible for man in the middle attackers (i.e., -active attackers) to assume any server name and trick GNU TLS clients -into trusting that name. Thanks for report and analysis from Martin -von Gagern <Martin.vGagern@gmx.net>. [CVE-2008-4989] +active attackers) to assume any name and trick GNU TLS clients into +trusting that name. Thanks for report and analysis from Martin von +Gagern <Martin.vGagern@gmx.net>. [CVE-2008-4989] Any updates with more details about this vulnerability will be added to <http://www.gnu.org/software/gnutls/security.html> |